Working With AWS CLI
AWS provide lots of products or services and for using those services multiple ways are available for us, we can use the GUI console of AWS (Web App) or we can write some automation codes to create our infrastructure. At starting, we always like and are comfortable with GUI as it easy to use but it will not provide us all the options available to satisfy some customized requirements. So, here we are going to use command line interface (CLI) to connect with AWS and use its services.
First of all we should have the AWS CLI software which is very simple to install. For installing AWS CLI you can visit this link,
‘https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html’
After that we can run aws command to check if it is installed properly,
For connecting to our AWS account we need a user with some keys (for authentication), So we need to have an existing user or add a user through IAM service of AWS.
Add a user and after creating it save the credentials (Id and key) as we will need it later to configure aws-cli.
We have to attach a policy to give powers to the user we are creating. Here I gave admin access, it will have all the powers except billing dashboard.
We need to configure our user profile using configure command and copy paste the access key ID and secret access key that we got while adding a user in IAM.
aws configure
AWS provide a great documentation to help us dealing with all the services. So, we don’t need to remember any command and just use the ‘help’ anywhere when we are stuck or want to see all available commands and options. It will give a long list, just do enter-enter and we can explore all the commands.
aws help
We are going to use some of the services of AWS to show how to work in CLI,
Following is the task we are going to do through AWS-CLI
🔑 Create a key pair
🛡 Create a security group
💻 Launch an instance using the above created key pair and security group.
💿 Create an EBS volume of 1 GB.
🔗 The final step is to attach the above created EBS volume to the instance you created in the previous steps.
As all these services (key-pair, security group, instance and EBS) comes under EC2 service of AWS, so we will be using aws ec2 command. And to see other sub-commands in it we have the documentation with us (using help). It will give the complete description and list of commands available.
aws ec2 help
- Going down we can find a command called creat-key-pair and that is what we want, again we can use help with it to see the available options in it and this is the way we can find and use all the required aws services.
aws ec2 create-key-pair help
So, create a key pair.
aws ec2 create-key-pair --key-name <your_key_name>But this will print the key as output.
So rather we copy this key, create a file and paste into it we can redirect the output to a file. The following command will create a ‘clikey.pem’ file in current directory and it will contain the generated key-pair.
aws ec2 create-key-pair --key-name clikey > clikey.pem
We have successfully created a key-pair,
2. Creating a security group,
Using the same approach we can create a security group with following command
aws ec2 create-security-group --group-name <any_name> --description "Security Group from CLI"
Looking at the console, our security group is also created.
But there is no inbound rule set and in this case no one can connect to the instance. So, we can also add some rule to the created security group.
aws ec2 authorize-security-group-ingress --group-name mysg --protocol tcp --port 22 --cidr 0.0.0.0/0
As we can see, we have also added the rule,
3. It’s time to create an instance with the created key-pair and security group.
We can provide multiple options while creating an instance but few are compulsory like image-id and instance type. So again we can use help command to see the documentation,
aws ec2 run-instances help
Let’s pick some of them and launch an instance,
aws ec2 run-instances --image-id <any_image_id> --instance-type <instance_type> --key-name <your_key> --tag-specifications ResourceType=instance,Tags=[{Key=<string>,Value=<string>}] --security-groups <sg_name>So, here we are creating a t2.micro instance with the created key and security group. I also added a name tag.
This part is also done,
4. Now lets create a EBS volume.
Note that volume should be created in the same availability zone in which our instance is created if we want to attach it. We can see details of our instances (here we want to know availability zone) using describe-instances command.
aws ec2 describe-instances
Now creating a volume,
aws ec2 create-volume --volume-type <type> --size <size> --availability-zone <zone> --tag-specifications ResourceType=volume,Tags=[{Key=<string>,Value=<string>}]So I created a volume of 1Gb size,
We can see that the status is available and not in use. So, we have created a volume which is not attached.
5. Next, we need to attach this created volume to our instance.
For attaching we will require following options,
aws ec2 attach-volume --volume-id <created_volume_id> --instance-id <your_instance_id> --device <any_valid_device_name>
Finally, we have also attached our volume to the instance.
So, we have done this task to understand how to use AWS CLI for creating and managing resources on AWS cloud with the right approach.
